summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* openssl: backport fix for CVE-2014-0160Paul Eggleton2014-04-092-0/+119
| | | | | | | | | | | | | | | | Fixes the "heartbleed" TLS vulnerability (CVE-2014-0160). More information here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 Patch borrowed from Debian; this is just a tweaked version of the upstream commit (without patching the CHANGES file which otherwise would fail to apply on top of this version). (From OE-Core rev: bebed954e8fea9d805a0eb6b284dd90177379242) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Security Advisory - openssl - CVE-2013-6449Yue Tao2014-04-092-0/+34
| | | | | | | | | | | | | | | The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client. (From OE-Core master rev: 3e0ac7357a962e3ef6595d21ec4843b078a764dd) (From OE-Core rev: 0d3d2d7062a181e878435487c06e26c6547e492f) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Security Advisory - openssl - CVE-2013-6450Yue Tao2014-04-092-0/+82
| | | | | | | | | | | | | | | | The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x through 1.0.1e does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. (From OE-Core master rev: 94352e694cd828aa84abd846149712535f48ab0f) (From OE-Core rev: 80263dc0b6c02c21949e81564ac1e5c6f198d9ac) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Security Advisory - openssl - CVE-2013-4353Yue Tao2014-04-092-0/+32
| | | | | | | | | | | | | | | The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake. (From OE-Core master rev: 35ccce7002188c8270d2fead35f9763b22776877) (From OE-Core rev: e36aff4b0ed5f70deb4862dc893eef9ceaa93003) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: hob: disable layer drag and drop outside the containing widgetCristiana Voicu2014-04-041-4/+5
| | | | | | | | [YOCTO #6008] (Bitbake rev: 0f7b6a03c64292983d2cc715e5e5badb1cdc5cae) Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* documentation: Updated the Manual Revision History tables.yocto-1.4.3dylan-9.0.3Scott Rifenbark2014-03-256-6/+6
| | | | | | | | | | The release pushed into March so I changed the revision date in the manual history tables from February to March. (From yocto-docs rev: 27214ecebd7a74eb54bc92aaff020b5dbfa8d2ba) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to head revisionRichard Purdie2014-03-201-1/+1
| | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* packagegroup-self-hosted: Add missing python codeSaul Wold2014-03-201-0/+5
| | | | | | | | | | | | | | | These are in the Toolchain list, so they should also be installed on the build appliance [YOCTO #5061] Fixes [YOCTO #5941]. (Partial backport of OE-Core master rev: 82374feece5c576f9950bad6861b1e00c6b30d84) (From OE-Core rev: 58b479f4d4d283e590a55a71151fca481fbe3c24) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to head revisionRichard Purdie2014-03-181-1/+1
| | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate: Drop 'SafeDep' code from setscene validation functionRichard Purdie2014-03-181-8/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | I have a feeling this code exists from the time before we had proper coverage of one sstate task by another task. At that time it was a "poor" persons version of that idea, we now have much better code internal to bitbake which handles this. Worse, this code actually breaks certain rebuild scenarios, e.g.: bitbake libtool-cross bitbake libtool-cross -c cleansstate rm tmp -rf bitbake libtool-cross would fail as binutils-cross wasn't installed from sstate. The easiest fix is to remove the obsolete/broken code. [YOCTO #5773] (From OE-Core master rev: ccad07f35fb7f959e24fd50d04c7d10dd5cf20d0) (From OE-Core rev: 30d3f06fddea2d8f3537d3415c95d75a6487078c) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to head revisionRichard Purdie2014-03-171-1/+1
| | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to head revisionRichard Purdie2014-03-171-1/+1
| | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: Enable compatibility with older RPM packages that have invalid platformsMark Hatle2014-03-132-1/+26
| | | | | | | | | | | | | | | | | | | Some LSB packages appear to have the platform set to '%{_target_platform}' which is not a valid platform field. This causes a failure of the type: warning: package lsb-test-core-4.1.15-1.x86_64 is intended for a %{_target_platform} platform When we detect an invalid platform, fall back and try to construct a new platform name that may be valid based on the arch and os contents of the package. (This should only ever be needed by invalid or older RPM packages.) (From OE-Core master rev: 6513fa327aeb7e9fdd313290c205917952eed226) (From OE-Core rev: c3f1bedb2494a2465db23a4d89b9f998db953f0d) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lsbtest: fix comparison bashismStefan Stanacar2014-03-132-4/+4
| | | | | | | | | | | | | | == is a bashism use = instead. (Based on OE-Core master rev: c90d1047c41148cbd57f26b5a34563346602a71b) (From OE-Core rev: abf46d03eff2288715b054057ac253eca61f8a63) Signed-off-by: Stefan Stanacar <stefanx.stanacar@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* init-install-efi.sh: Remove unnecessary udev rules file to avoid errorsDarren Hart2014-03-131-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Fixes [YOCTO #5233] Modeled after Chen Qi's fix to [YOCTO #3924] from oe-core commit: 6b6db7b4fb7aa17b8e29076decc830149b9d35bc init-install.sh: remove unnecessary udev rules file to avoid error messages /etc/udev/scripts/mount.sh is removed by init-install-efi.sh, but the udev rules file which specifies the invocation of this script is not removed, thus causing the error message during a live install: /etc/udev/scripts/mount.sh: No such file or directory The /etc/udev/rules/automount.rules no longer works once the mount.sh script is removed. Remove it to avoid the error message. (From OE-Core master rev: 1f5a2b616d902b1158e348bf8c33b6d36e21cadc) (From OE-Core rev: c45acfae254004baa4011a35addf0e26a11d71bd) Signed-off-by: Darren Hart <dvhart@linux.intel.com> Cc: mihaix.lindner@linux.intel.com Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* runqemu: Use correct kvm CPU options for qemux86* with kvmRichard Purdie2014-03-131-1/+5
| | | | | | | | | | | | | | | The existing -cpu host option caused kernel panics when people attempted to use the kvm option. After research and discussion, the best options appear to be the kvm32/kvm64 cpu types so lets use these instead. These resolve the kernel issues for me. [YOCTO #3908] (From OE-Core master rev: bdc6d3be6ffa4ed358153f9c9332b632324f5833) (From OE-Core rev: 8f3ecfda5e57fbc1903dec1cbb44c92ef599849f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python-2.7-manifest: Add missing python-ctypes dependency to ↵Richard Purdie2014-03-132-2/+2
| | | | | | | | | | python-multiprocessing (From OE-Core master rev: 5abf18a7f11ee9e88e0eec1b66cc63427d9097a8) (From OE-Core rev: 35555a670a157cf08f6472065b2d1c41e340e8f2) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to head revisionRichard Purdie2014-03-061-1/+1
| | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: fix failure during do_compilePaul Eggleton2014-03-062-0/+637
| | | | | | | | | | | | | | | Add a Debian patch to fix a load of errors building the documentation within do_compile e.g.: | ./x509-api.texi:15: misplaced { | ./x509-api.texi:15: misplaced } (From OE-Core master rev: b09a9a5f298596795f17243e5ffcf7dab295a8e6) (From OE-Core rev: fae45abd37636741d51e5b75ad2c09f43b72d01d) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to head revisionRichard Purdie2014-03-051-1/+1
| | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky.conf: add Poky-1.4.3 to SANITY_TESTED_DISTROS for Build AppliancePaul Eggleton2014-03-051-0/+1
| | | | | | | (From meta-yocto rev: 2c2be428a127d67b608686ef6e8d1142c9f59be2) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Fixed bug that prevented the rejection of v1 intermediate CA ↵Karl Hiramoto2014-03-052-1/+35
| | | | | | | | | | | | | | | | | | | | | certificates. This patch is for the OE-Core dylan branch - it comes from upstream: >From 467478d8ff08a3cb4be3034ff04c9d08a0ceba3e From: Nikos Mavrogiannopoulos <nmav@redhat.com> Date: Wed, 12 Feb 2014 16:41:33 +0100 For more info see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1959 http://www.gnutls.org/security.html#GNUTLS-SA-2014-1 https://www.gitorious.org/gnutls/gnutls/commit/467478d8ff08a3cb4be3034ff04c9d08a0ceba3e (From OE-Core rev: 2d6d738d52fa93de4514b65140b1e68cfae7434a) Signed-off-by: Karl Hiramoto <karl@hiramoto.org> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: CVE-2014-0092 correct return codesKarl Hiramoto2014-03-052-0/+107
| | | | | | | | | | | | | | | | | | | | | This patch is for the OE-Core dylan branch - it comes from upstream: git://gitorious.org/gnutls/gnutls.git branch: gnutls_2_12_x commit: 6aa26f78150ccbdf0aec1878a41c17c41d358a3b Author: Nikos Mavrogiannopoulos <nmav@gnutls.org> Date: Thu Feb 27 19:42:26 2014 +0100 For more info see: http://www.gnutls.org/security.html#GNUTLS-SA-2014-2 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092 https://www.gitorious.org/gnutls/gnutls/commit/6aa26f78150ccbdf0aec1878a41c17c41d358a3b (From OE-Core rev: d6224391677b54a8f32d0303b859424323aaf8d3) Signed-off-by: Karl Hiramoto <karl@hiramoto.org> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: fix build problem when sysroot contains '-D' or '-I'Chen Qi2014-02-172-0/+33
| | | | | | | | | | | | | | | | | | | If sysroot contains '-D' or '-I' characters, the SVN_NEON_INCLUDES and the corresponding CFLAGS will not get the correct value. This will cause build failures. This patch fixes the above problem. [YOCTO #5458] (From OE-Core master rev: 7078397ef39de43244fca7e24683b2a83913cbbf) (From OE-Core rev: 42232782b9a3aa0ed03c5dda84fc0b865b74b2dd) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: fetch2: Don't allow '/' in user:pass, fix branch containing '@'Martin Jansa2014-02-172-2/+3
| | | | | | | | | | | | | | * currently decode_url regexp parses branch=@foo as username so it ends like this: - ('git', '', 'foo', 'git.openembedded.org/bitbake;branch=', '', {}) + ('git', 'git.openembedded.org', '/bitbake', '', '', {'branch': '@foo'}) * http://hg.python.org/cpython/file/2.7/Lib/urlparse.py also assumes that there is at least one '/' as separator between netloc and path, params, so it looks reasonable to prevent including '/' in username (Bitbake rev: 66d01338ab1095775b854ad7509f4d2631c6e6ed) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: bitbake: lib/bb/cache.py: Change debugging note to a debug messageMark Hatle2014-02-171-1/+1
| | | | | | | | | | | | | | Some apparently debugging was left in in a previous commit. This caused bitbake to return a list of bbappends when things changed from the cache. Make this a proper debug message. (Bitbake master rev: 1965e5cbdfede18d7b7cb0218e0a5147c3f1c884) (Bitbake rev: 586adebdafdd4d11e5a277f72206875ae8828864) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* guile: fix the depends for target recipesPaul Eggleton2014-02-091-1/+1
| | | | | | | | | | | | The depenency on guild-native and libatomics-ops is missing in multilib build, fix the depends with class-target. (From OE-Core master rev: 88f1913f7cea54f0e4e1024ea506b5ce9faea96b) (From OE-Core rev: 1aeab422006c5e5b1bffa3fa05669fcb01d7ffdf) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libx11: backport _XEatDataWords APIPaul Eggleton2014-02-082-0/+66
| | | | | | | | | | | | | | | | If you build libx11-native then that has to be ABI-compatible with the libX11 on the host or you'll have problems running qemu-native. Most current distros are using libX11 1.6+. Thus, we need to backport the _XEatDataWords API present in 1.6. This only affects the dylan branch as dora+ has libx11 1.6+. Fixes [YOCTO #5040]. (From OE-Core rev: ce8deda64f78ac48820d06c4f90c20a31f9e3eed) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to dylan head revisionRichard Purdie2014-01-231-1/+1
| | | | | | (From OE-Core rev: 629a46359a06b4912ddf030ca2b2c69a011dfa88) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* documentation: Updated Manual revision tables to February 2014.Scott Rifenbark2014-01-216-6/+6
| | | | | | | | | All six tables adjusted from January to February. (From yocto-docs rev: 1e0b618bacf2e7dabbe36d6603fc3a8656f50c8c) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky.ent: Fixed broken OE_LISTS_URL.Scott Rifenbark2014-01-211-1/+1
| | | | | | | | | | | This variable was wrong and it was causing six mailing links in the manual set to no resolve. Who knows how long they have been broken. They work now. (From yocto-docs rev: b088ddee322b42a243ecc35840931640d77f6e53) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky.ent: Updated lists.linuxtogo.org with lists.openembedded.orgScott Rifenbark2014-01-211-1/+1
| | | | | | | (From yocto-docs rev: 0706317755e5703e8add9788b0e5d384c936dfa2) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* guile: fix build with Texinfo 5.0Paul Eggleton2014-01-212-0/+72
| | | | | | | | | | | | Backport a patch from upstream which fixes failures building guile-native on newer distros such as Ubuntu 13.10. (This does not affect dora or master because we are using Guile 2.0.9 there, which already contains this patch.) (From OE-Core rev: 977372f806dfe597cd14244e7a4db0caba5c65b2) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grep: Add patch for texinfo 5.1Saul Wold2014-01-212-0/+14
| | | | | | | | | (From OE-Core master rev: bc6258f88705b0e7989089a8666ac5e5d2355823) (From OE-Core rev: 80848b0df18e5a962adda35750431e28c19f9204) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to dylan head revisionRichard Purdie2014-01-151-1/+1
| | | | | | (From OE-Core rev: bca606597de6c5c2de98ae1949857e4481623939) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: hob/hoblistmodel: check if vals of packages/recipes names are not NoneCristiana Voicu2014-01-081-2/+6
| | | | | | | | | | | [YOCTO #5053] (Corresponds to BitBake master rev: ba9fe77e37be31e8246431578902e871dd94515e) (Bitbake rev: d2bfdb12d64e8dfa6c4518c159065d39456667bb) Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cmake.bbclass: ensure CMAKE_SYSTEM_NAME is correctSaul Wold2014-01-081-1/+1
| | | | | | | | | | | | | | Using TARGET_OS can add the ABIEXTENSION so ensure that is is removed for the Linux TARGET_OS, we might have other TARGET_OSes so don't hard code CMAKE_SYSTEM_NAME [YOCTO #5145] (From OE-Core master rev: 7d8b700242b1b32c6b6d0735b497701800f54fc4) (From OE-Core rev: 5dc70fe4adfbc21426c461971e5a252233a015ba) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cmake: set system name correctlyRichard Purdie2014-01-081-1/+1
| | | | | | | | | | | | | | For unknown reasons, the cmake class is using SDK_OS as the target system OS. This makes no sense but only shows up as a problem when you try a different SDK OS. Fix it to use TARGET_OS which is the correct thing to do. For the vast majority of users this will make no difference. (From OE-Core master rev: 57be84259f0885865c85d7bac350979430b956b5) (From OE-Core rev: 8a414086c04acb1c9387567a49f05577fa0d66ba) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libsoup-2.4: add intltool-native to DEPENDSPaul Eggleton2013-12-191-1/+1
| | | | | | | | | | | | | | | The configure script looks for this; most of the time dependency chains ensure this is present but we need to be explicit or failures can occur. Reported by Nicolas Dechesne <nicolas.dechesne@linaro.org> (From OE-Core master rev: 22e45ed7d74ceb4a719e7b5889400c20ed4a0783) (From OE-Core rev: 394fa61d00b97c19610bfb38f02174c4e8aeeb15) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to dylan head revisionRichard Purdie2013-12-131-1/+1
| | | | | | (From OE-Core rev: f79b2a6ff3e9f6bd5bfb6ae166d28569b0f1149d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky.conf: Flip DISTRO_VERSION for 1.4.3Beth Flanagan2013-12-131-2/+2
| | | | | | | | | With 1.4.3 we need to flip vars in 1.4.3 (From meta-yocto rev: e5c4a75e0ae32e35b27934a66e9157f8910b5489) Signed-off-by: Beth Flanagan <elizabeth.flanagan@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* documentation: Updated Manual revision table for 1.4.3 release.Scott Rifenbark2013-12-136-0/+30
| | | | | | | | | | Using January of 2014 for the date. All six manuals that have a table: adt, bsp, dev, kernel, profile, and ref. (From yocto-docs rev: 8722f2a4ff4203134135c5b81a8d99d6421e218f) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mega-manual.sed: Updated to support a 1.4.3 mega-manual build.Scott Rifenbark2013-12-131-9/+9
| | | | | | | (From yocto-docs rev: 910223dbdb06b585a48073dcebc29bfdc5c8a685) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky.ent: Changed variables to support a 1.4.3 release.Scott Rifenbark2013-12-131-6/+6
| | | | | | | (From yocto-docs rev: 33fd454a003ca85cb0a1c7a2c974ca40504d751b) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky.ent: Fixed variable for ADT Installer download linkScott Rifenbark2013-12-131-1/+1
| | | | | | | | | | | | | | | | The YOCTO_ADTINSTALLER_DL_URL variable used to point to the ADT Installer tarball download area was incorrect. It was set to "&YOCTO_RELEASE_DL_URL;/adt_installer". Community member Dusty Clark ran into trouble downloading from the link in the "Current" documentation version of the Application Developer's Manual. I fixed the variable to be YOCTO_ADTINSTALLER_DL_URL "&YOCTO_RELEASE_DL_URL;/adt-installer". Reported-by: Dusty Clark <dclark@mmto.org> (From yocto-docs rev: 63959cfd6ff096c9d1bcff39453358f3cbe8472e) Signed-off-by: Scott Rifenbark <scott.m.rifenbark@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to dylan head revisionRichard Purdie2013-12-121-1/+1
| | | | | | (From OE-Core rev: b17beebf488d8392698a5efdd6f08b599c1ee1cd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtiff: CVE-2013-4243Baogen Shang2013-12-122-1/+42
| | | | | | | | | | | | | | | | | | | cve description: Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4243 (From OE-Core dora rev: a2a200a3951cecd7dd43dee360e0260051c97416) (From OE-Core rev: 95f9889ac7e2731e3fb67f4b9db4bb634dd2a894) Signed-off-by: Baogen Shang <baogen.shang@windriver.com> Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtiff: CVE-2013-4232Baogen Shang2013-12-122-1/+17
| | | | | | | | | | | | | | | | | | | cve description: Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) or possible execute arbitrary code via a crafted TIFF image. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4232 (From OE-Core dora rev: 60482e45677c467f55950ce0f825d6cb9c121c9c) (From OE-Core rev: 96ae9c1b9a0baab55d00aaaafb1df8ca8c928314) Signed-off-by: Baogen Shang <baogen.shang@windriver.com> Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtiff: fix CVE-2013-1960Ming Liu2013-12-122-1/+153
| | | | | | | | | | | | | | | | | | Heap-based buffer overflow in the tp_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1960 (From OE-Core dora rev: 66387677cbd85ba4a76a254942377621acd68249) (From OE-Core rev: 70f37e59b9d2c5e5ebb67283363acb02c76504a8) Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Jeff Polk <jeff.polk@windriver.com> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gst-ffmpeg: fix CVE-2013-3674Ming Liu2013-12-122-0/+27
| | | | | | | | | | | | | | | | | | | The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted CD Graphics Video data. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3674 (From OE-Core master rev: f1721553a873b242bc26ad3e4d618aea39dfd507) (From OE-Core rev: 23f323b80cbef122a4ed0897dfff54bb1b0b8ec0) Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Jeff Polk <jeff.polk@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>